If you chose the “participate in community” option it might be already submitted
(not sure if that works for both FPs and legit detections)
Alternately, right-click on the file in the chest, the “submit as a false positive” option should be there.
Although, this detection appears heuristic or behavior based, not signature based, by the “SuspbehavB” label, I am not sure if submitting it will matter?
Can anyone else clear that up?, as I am unsure.
First, what shield is flagging it, Network or Web Shield?
URL void site says it is clean.>>http://www.urlvoid.com/<<This is a good URL check, if you dont already know about it.
Report 2010-05-29 10:15:34 (GMT 1)
Website www1.plala.or.jp
Domain Hash 3de8691fbcb0400de4cc17a8acafd689
IP Address 60.43.63.101 [SCAN]
IP Hostname www1.plala.or.jp
IP Country JP (Japan)
AS Number 4713
AS Name OCN NTT Communications Corporation
Detections 0 / 18 (0 %)
Status CLEAN
Scanning site with: BrowserDefender CLEAN
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts CLEAN
Scanning site with: Malware Patrol CLEAN
Scanning site with: MalwareDomainList CLEAN
Scanning site with: McAfee SiteAdvisor CLEAN
Scanning site with: McAfee Trusted Source CLEAN
Scanning site with: MyWOT CLEAN
Scanning site with: Norton SafeWeb CLEAN
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: Project Honey Pot CLEAN
Scanning site with: Spamhaus CLEAN
Scanning site with: SURBL CLEAN
Scanning site with: TrendMicro Web Reputation CLEAN
Scanning site with: URIBL CLEAN
Scanning site with: Web Security Guard CLEAN
Scanning site with: ZeuS Tracker CLEAN
Well avast is blocking the site because it is on the network shields list of malicious sites, so there must be many previous malware detections/incidents for it to get on the list.
So it looks like this user site is getting tarred with the same brush as the main site.
Apparently it is, but still you better give it to us like: htxp://www1.plala.or.jp/tete009/en-US/software.html
so that unaware users can’t click it whenever it should be hacked anew…
Malicious software was hosted before directing to 1 domain, including russlewis50b.com/, listed as suspicious!
This site was hosted on 1 network(s) including AS4713 (OCN).